Reputation: 51
Opening/Writing to a file from a Kprobe handler
I am writing a Linux kernel module using Kprobes to trace specific system calls, and I need to write to a file from within a KProbe handler (specifically, a Kretprobe). I know this is generally not advised, but I need to write the output to a very specific location, so I can't use any standard logging mechanisms.
I can open/write fine from the init() function in the module, but when I try to do so from within a probe handler, the kernel crashes.
Upvotes: 2
Views: 703
Answers (1)
Reputation: 66118
From Documentation/kprobes.txt:
Probe handlers are run with preemption disabled. Depending on the architecture and optimization state, handlers may also run with interrupts disabled (e.g., kretprobe handlers and optimized kprobe handlers run without interrupt disabled on x86/x86-64). In any case, your handler should not yield the CPU (e.g., by attempting to acquire a semaphore).
In other words, you cannot sleep inside probe handler. Because read/write operations with file normally use disk I/O, you cannot use these operations inside the handler.
I need to write the output to a very specific location, so I can't use any standard logging mechanisms.
You can output trace from probe handler, e.g., into the special device file, and run(in parallel) user-space program, which simply reads that file and writes into one at very specific location.
Upvotes: 3
Related Questions
- Read/write files within a Linux kernel module
- kprobe handler not getting triggered for specific function
- Get a function's return value in a kretprobe handler
- Opening a file from userspace from a Linux kernel module
- How to invoke any kernel function?
- register_kretprobe fails with a return value of -2
- register_kprobe is returning -2
- Code for writing and reading on a device file from a kernel module?
- reading and writing from a file in linux kernel
- Linux - Programmatically write to a proc file